So basically I'm programming a form that passes data from index.php to highscore.php. To stop spammers that click on the submit button repetitively, I have added a system where index.php creates a uniqid and sets it as a session variable as well as posting it with the rest of the form. highscores.php receives the posted uniqid and compares it to the session variable. If it matches, it adds the data and unsets the session variable, thereby stopping all of the other posts it gets because the uniqid doesn't match anymore
However, the $_SESSION['form_token'] is not a valid index on the highscores.php page. I'm not sure what's going wrong...
Here is my code:
index.php
<?php
session_start();
$form_token = uniqid();
$_SESSION['form_token'] = $form_token;
echo $_SESSION['form_token'];
?>
highscore.php
session_start();
echo $_SESSION['form_token'];
The echo on the last line doesn't print anything.
If you need more code, please let me know.
Thanks in advance for your help!
EDIT: Running print_r($_SESSION) on index.php has returned:
56a741da4bcc7Array
(
[form_token] => 56a741da4bcc7
)
on highscores.php it returns
Array()
Also, on the index.html, the echo $_SESSION['form_token'] does return the uniqid...
EDIT 2: I've been experimenting with it, and i found out that if I reload index.php then submit the form, it works fine. Otherwise, it seems to not work...
Thanks again!
Related
<?
session_start();
$_SESSION['name'] = "$_GET["name"]";
$_SESSION['email'] = "$_GET["email"]";
$session_id=session_id();
echo"$session_id <br> $_SESSION['name'] <br> $_SESSION['email']";
?>
I am trying to create a session to store visitor input form with GET method, I cant use POST because the form is handled by wordpress plugins and the client only gave me the GET option. The problem is:
On page #1, this is the page after we submit the form, the echo is shown complete.
At page #2, I already add session_start(); at top but $_SESSION['name'] and $_SESSION['email'] keep empty (change page) but $session_id is stored and show same.
What am I missing? or maybe $_SESSION is cant store $_GET?
So on the first page you save the values from the user input and it works as expected.
However, when you go to the second page, your code is overriding the session with new variables, which are empty in this case. Before assigning anything to the session, you should check whether it is not empty / valid.
For this simple code I would recommend checking via isset / array_key_exists functions.
I have a global variable called $_SESSION['user_name'] which is set with POST value when I click on the Submit button in a form.
In this php file, I check if $_SESSION['user_name'] is empty.
If yes, I have to file a form and if no, means the session is still going on and it sends you to the profile.
Anyway, after I fill the form, then it compares this variable if it matches another variable and then heads to the profile.php if true.
On this page, I have one button which is meant to "logout" the user.
On pressing, it sends you to another php file where I change the variable
(I have echo-ed it before and it does change it)
but it doesn't forward it back to main page (index.php) and the variable still has the value from the $_POST although it is different in logout.php as I change it.
Code I have at logout.php:
<?php
session_start();
$_SESSION['user_name'] = ""; // makes it empty
echo $_SESSION['user_name'];
?>
And some html where I use meta tag to redirect back to the index.
Now, my question is, how can I forward the changed variable back to the index or form page? Or is there any other way of doing that?
Thanks :)
Try setting your logout.php file to something like this:
<?
require_once('functions.php');
log_out_user();
header("Location: login.php");
exit;
?>
Now in your functions file, for example, try writing this function:
function log_out_user() {
unset($_SESSION['username']);
// You can also use: session_destroy();
return true;
}
Hope this helps!
I currently have some php code on a form action, and it is being updated to the form's next page with
<?php echo $_POST['var here']; ?>
and it is working, but I noticed when Im trying to refresh the page it asks to confirm resubmission. When I resubmit it works in that tab in which it was sumbitted, but in another new tab it does not show the displayed php post variables. I even took it the next step by seeing that when I open the 2nd page after the form action has been submitted the php post variables are gone...
Help!
Thanks!
When you submit a form with <form method="post" /> it does a post request to the server, thus populating $_POST. When you open the link in a new tab it is no longer a post request but a get request. That is why you'll see nothing in $_POST.
$_POST — usually from forms
$_GET - from values on the URL (the query string myscript.php?myvar=Joe)
You can find plenty of resource about it. You can start here
If you want to keep the values you can save them to the session:
<?php
session_start(); // should be at the top of your php
if (isset($_POST['var'])) {
$_SESSION['var'] = $_POST['var'];
}
$myvar = isset($_SESSION['var']) ? $_SESSION['var'] : "no var";
echo $myvar;
Now the value is stored in the session so you can visit the page in a new tab and it will still be there.
This sounds like desired behavior. The $_POST variable should only be filled when the post action is created. If you're looking to store variables across pages you could store it in either the $_SESSION var in PHP or deal with the front end $_COOKIE business. If you're always going to be rendering pages from the backend then $_SESSION is the way to go. It's never too late to read up on cookies and sessions.
The skinny of it is that you're going to want to do something like this:
<?php
session_start();
if ($_POST['var']) {
$_SESSION['var'] = $_POST['var'];
}
echo $_SESSION['var'] ?: $defaultValue;
Then you'll notice that the message changes only when you post and won't exist before then.
I have a login form which sends 3 post values from username, password and submit button. But my form processor has 3 pages one is validation.php which validates the field second is read.php which checks the posted values against db and third is login.php which is a result of login success. All redirect to each other respectively on success. Problem here is that when I try to access the user posted values from form in read.php (redirected page) not validate.php (action page) I get an error of undefined index.
I really don't see why you are doing all those redirects, but if you want to make the data more persistent you could use a session variable, because the $_POST superglobal is only set for the current request.
firstfile.php
<?php
session_start();
$_SESSION['posted_data'] = $_POST;
other file
<?php
session_start();
var_dump($_SESSION['posted_data']);
However as already stated you may really want to reconsider doing all the requests.
UPDATE
Besides the fact that you will loose your data you are also doing multiple (unneeded) requests to simply sumbit the form. The only redirect that should happen is to the successpage when you have done all you work. See this for more information: http://en.wikipedia.org/wiki/Post/Redirect/Get
If you are look to keep you code clean you could always just include the other files or go for an OOP approach.
You should do one page only that will do all the work. That doesn't seem too complicated of a script, so I would advise putting everthing together on one page.
You did not provide any code so I'll show you a general example. I just typed it without rereading so it's not pure PHP syntax, just the spirit:
<?php
$login=$_POST['login'];
$pwd=$_POST['pwd'];
$dbcheck = mysql_fetch_array(mysql_query("SELECT COUNT(1) FROM table WHERE user =$login and pwd = $pwd"))
if($dbcheck[0] > 0) {
//Login success
//Setup your session variables, cookies, etc
//Then you can do your redirect here
} else {
//Page for wrong login
}
I am trying a new CAPTCHA Script from here. To call the CAPTCHA code you use: $_SESSION['captcha']['code']
Well that works when I echo it out on the main form, but when I echo it after the form has been submitted, it displays a new code so I can never find out what the old code was when they submitted the form.
if($_POST['submit']) {
echo $_SESSION['captcha']['code'];
}
How can I save that session data and not make it change any more?
You should store it in your own SESSION variable:
$_SESSION['old_captcha'] = $_SESSION['captcha'];
Then, when the form is submitted, use you own variable:
if($_POST['submit']) {
echo $_SESSION['old_captcha']['code'];
}
Put that BEFORE you include the captcha.php again on the next step.
My guess is that it displays a new code because you come back to the page that displays it. Try submitting to a different page, or maybe not executing the captcha creation code if the session variable is already set.